Vulnerability CVE-2007-3564: Information
Description
libcurl 7.14.0 through 7.16.3, when built with GnuTLS support, does not check SSL/TLS certificate expiration or activation dates, which allows remote attackers to bypass certain access restrictions.
Severity: HIGH (7.5)
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
http://www.curl.haxx.se/docs/adv_20070710.html |
|
USN-484-1 |
|
24938 | |
26104 |
|
26108 |
|
DSA-1333 | |
2007-0023 | |
26128 | |
26231 | |
ADV-2007-2551 | |
libcurl-gnutls-weak-security(35479) |